Summary and knowledge check
In this module, you learned about how Microsoft 365 procures, monitors, and manages subprocessors to help protect data from unauthorized access and inappropriate use.
Now that you have completed this module, you should be able to:
- Explain how the Supplier Security and Privacy Assurance (SSPA) program helps Microsoft online services protect customer data and personal data.
- List the types of subprocessors utilized by Microsoft and the access controls employed by each type.
- Describe how Microsoft 365's additional subprocessor requirements limit the number of approved subprocessors and provides notice to customers when new subprocessors are approved.
- List subprocessor onboarding and ongoing subprocessor verification requirements required by the SSPA program.
- Describe Microsoft commitments to protecting customer data and personal data when a supplier contract ends.